package com.example.oauth2server.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;

/**
 * @ClassName : ResourceServerConfig
 * @Description : 配置资源服务器
 * 用于控制的密码或者授权码访问的资源，只能是client_id对应服务的资源  // TODO: 2021/8/10 比较重要，有迷惑性
 * @Author : tianshuo
 * @Date: 2021-08-10 22:21
 */
@Configuration
@EnableResourceServer
public class ResourceServerConfig  extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .anyRequest().authenticated()
                .and().requestMatchers().antMatchers("/user/**");

    }

    /**
     * 设置的资源服务器的资源id，用于校验第三方服务能访问的资源信息，即oauth_client_details表client_id能够访问的resources_ids
     * @param resources
     */
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        //设置resourceId 默认为oauth2-resource
        resources.resourceId("oauth2-server");
        //...... 还可以有有其他的配置
    }
}

